This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer File: aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer (raw, json) Hash identifier: Ih5nlMeiimANWQeBQin3FLyXXSfxeG/g7KWVjxAJ8LA= Subject key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EB51CAD618FF12EDC6C442B825F196 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:18:12 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.206.253.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:51:ca:d6:18:ff:12:ed:c6:c4:42:b8:25:f1:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68d097afd88aef3f10282f3218fc13f01a0de486 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:99:31:c1:68:a8:22:11:8b:d4:08:44:8f:89: 64:1d:38:a8:04:ec:84:9a:c9:30:18:34:61:98:d8: 6c:31:c2:8c:72:ee:fb:74:4f:33:c2:ab:b2:0a:69: 95:14:50:fe:7e:9a:c9:1c:e7:33:b3:bd:19:73:4a: 84:f5:e2:c9:7d:26:7b:f2:e9:73:8a:bf:be:69:a8: e5:39:94:54:73:3f:d2:ce:1f:16:b6:44:69:4b:35: 30:ba:ef:c4:29:3e:b1:7b:7a:ae:ed:98:99:11:fc: d3:47:48:e4:35:8e:0e:e7:67:d1:4e:80:d2:af:6e: 82:65:a0:52:3d:19:05:70:c5:57:07:fa:b9:cc:fe: 65:79:94:26:2b:bd:fb:1a:96:01:8d:e5:b2:4b:77: 21:25:a9:84:82:77:65:54:6d:2a:7c:85:fc:02:e7: 14:a3:8b:7e:cd:52:a0:4b:6e:ba:7b:f8:6c:30:78: b8:3f:9f:22:39:77:8d:d6:48:7f:e7:c0:4c:d1:a0: eb:a9:61:b3:85:fb:87:ff:9f:41:f5:ca:75:be:7a: f2:94:ac:17:c3:1c:b6:48:fa:cb:0c:f7:e7:37:49: 34:71:d0:d6:8e:bd:da:61:bb:fb:16:9c:ce:22:5d: 30:7c:fb:1e:c7:b7:f8:14:78:f4:d4:ec:0d:d2:a6: 3f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.206.253.0/24 Signature Algorithm: sha256WithRSAEncryption 63:1c:18:7a:f1:4a:21:a4:0c:43:52:7d:dd:7b:4b:09:86:f0: 66:c4:17:c1:15:9c:66:d8:1d:a6:df:f3:37:19:20:fa:86:26: 58:a8:06:9d:cf:c7:96:82:74:41:34:39:35:3a:98:29:b4:3c: 06:52:1b:64:79:32:9e:3d:20:26:e5:fd:96:b7:f9:a3:01:25: aa:35:1c:64:05:80:56:04:f9:07:bc:d6:e3:b2:18:17:f2:20: cc:bb:29:b8:e5:12:ff:2c:a8:ac:9c:f5:98:9c:44:1f:f0:e8: 75:f7:c5:38:77:b6:84:a8:86:b5:ed:84:f1:fa:16:02:50:02: 0b:54:b0:d6:37:38:63:8d:83:88:34:e6:af:6c:f7:e9:15:8d: 8c:de:b5:6c:4d:e9:9e:4d:5f:55:ce:07:fa:b2:d2:19:c9:ed: 35:2f:a8:dd:cf:47:ca:63:5b:4b:a9:2f:cc:c7:95:cd:49:b5: 1d:78:6e:10:5a:99:c0:ea:e4:44:b5:29:c7:4b:64:a1:cf:fe: 0f:29:1c:1d:c4:54:fd:9c:4b:52:f0:2f:20:69:4b:13:8a:d7: 57:09:a3:fe:bc:90:a5:33:1e:9a:42:96:54:2d:a2:1b:9a:a3: 0b:29:92:e0:89:ad:c6:66:90:c2:fd:06:f5:51:3c:87:22:01: 5f:03:d6:56 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt261HK1hj/Eu3GxEK4JfGWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGQwOTdhZmQ4OGFlZjNmMTAyODJmMzIxOGZjMTNmMDFhMGRlNDg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopkxwWioIhGL1AhEj4lkHTioBOyE mskwGDRhmNhsMcKMcu77dE8zwquyCmmVFFD+fprJHOczs70Zc0qE9eLJfSZ78ulz ir++aajlOZRUcz/Szh8WtkRpSzUwuu/EKT6xe3qu7ZiZEfzTR0jkNY4O52fRToDS r26CZaBSPRkFcMVXB/q5zP5leZQmK737GpYBjeWyS3chJamEgndlVG0qfIX8AucU o4t+zVKgS266e/hsMHi4P58iOXeN1kh/58BM0aDrqWGzhfuH/59B9cp1vnrylKwX wxy2SPrLDPfnN0k0cdDWjr3aYbv7FpzOIl0wfPsex7f4FHj01OwN0qY/ywIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFGjQl6/Yiu8/ECgvMhj8E/AaDeSGMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdjMTFi ODE5LWQ0NTktNDEzNi05OTg3LWYwMjkyYTg3ZTY0MC8wLzCBiwYIKwYBBQUHMAqG f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Mx MWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdlNjQwLzAvNjhEMDk3QUZEODhB RUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5tZnQwPAYIKwYBBQUHMA2GMGh0 dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME ALnO/TANBgkqhkiG9w0BAQsFAAOCAQEAYxwYevFKIaQMQ1J93XtLCYbwZsQXwRWc Ztgdpt/zNxkg+oYmWKgGnc/HloJ0QTQ5NTqYKbQ8BlIbZHkynj0gJuX9lrf5owEl qjUcZAWAVgT5B7zW47IYF/IgzLspuOUS/yyorJz1mJxEH/DodffFOHe2hKiGte2E 8foWAlACC1Sw1jc4Y42DiDTmr2z36RWNjN61bE3pnk1fVc4H+rLSGcntNS+o3c9H ymNbS6kvzMeVzUm1HXhuEFqZwOrkRLUpx0tkoc/+DykcHcRU/ZxLUvAvIGlLE4rX Vwmj/ryQpTMemkKWVC2iG5qjCymS4ImtxmaQwv0G9VE8hyIBXwPWVg== -----END CERTIFICATE-----Generated at Mon Jan 19 18:29:13 2026 by rpki-client